Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:services:vpn:pppossh:server [2023/03/15 01:51] – [1. Preparation] vgaetera | docs:guide-user:services:vpn:pppossh:server [2023/03/16 12:52] – consolidate variable naming vgaetera | ||
|---|---|---|---|
| Line 11: | Line 11: | ||
| ===== Command-line instructions ===== | ===== Command-line instructions ===== | ||
| ==== 1. Preparation ==== | ==== 1. Preparation ==== | ||
| - | Generate client [[docs: | + | Specify |
| - | Specify | + | |
| <code bash> | <code bash> | ||
| # Configuration parameters | # Configuration parameters | ||
| VPN_PORT=" | VPN_PORT=" | ||
| + | </ | ||
| + | |||
| + | ==== 2. Key management ==== | ||
| + | Generate and exchange [[docs: | ||
| + | Set up key-based authentication. | ||
| + | |||
| + | <code bash> | ||
| + | # Server private key | ||
| + | VPN_KEY="/ | ||
| + | |||
| + | # Generate server public key | ||
| + | dropbearkey -y -f ${VPN_KEY} \ | ||
| + | | sed -n -e "/ | ||
| + | |||
| + | # Client public key | ||
| VPN_PUB=" | VPN_PUB=" | ||
| Line 25: | Line 39: | ||
| </ | </ | ||
| - | ==== 2. Firewall ==== | + | ==== 3. Firewall ==== |
| Consider VPN network as private. | Consider VPN network as private. | ||
| Assign VPN interface to LAN zone to minimize firewall setup. | Assign VPN interface to LAN zone to minimize firewall setup. | ||
| Line 47: | Line 61: | ||
| </ | </ | ||
| - | ==== 3. VPN service ==== | + | ==== 4. VPN service ==== |
| Configure VPN service. | Configure VPN service. | ||
| + | Disable password authentication. | ||
| <code bash> | <code bash> | ||